Overview

overview

10

Static

static

3

2025-01-31...re.exe

windows7-x64

3

2025-01-31...re.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    41s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    31/01/2025, 04:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2025-01-31_be9070cef329332f8afa74c091d2ef15_bkransomware.exe

  • Size

    4.3MB

  • MD5

    be9070cef329332f8afa74c091d2ef15

  • SHA1

    d1d836e7885404d6986e39907c361f3eedb76b5a

  • SHA256

    9f5a7d655c1227e0ea7e7409d1aaefb956d3655c6125b757fc000e3eba8b8ea0

  • SHA512

    2968ce1d7daadeb3bf551600cde8273a57a79ed443fea16104859d40de4b2ab28e69bd6cf3e5dab80101cbf4c192bdd8e152630bf78093d17e094638554ff6ed

  • SSDEEP

    98304:vCxRXOhEc2MgYHTpnDUSU+zjsT7jpe6B5j:vphd2MgexUSUEjsT7jpF5j

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2025-01-31_be9070cef329332f8afa74c091d2ef15_bkransomware.exe
    "C:\Users\Admin\AppData\Local\Temp\2025-01-31_be9070cef329332f8afa74c091d2ef15_bkransomware.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:2376

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2376-0-0x0000000000400000-0x0000000000857000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2376-1-0x0000000000400000-0x0000000000857000-memory.dmp

    Filesize

    4.3MB

    Download